Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/PeV6VECWv5HVGM8xvUtA8h_xQak.roa
File: PeV6VECWv5HVGM8xvUtA8h_xQak.roa (raw, json)
Hash identifier: FfZYa2Fr33tB3+HjNyzJQdsrHilVke8MPiWqXwpuMCQ=
Subject key identifier: 3D:E5:7A:54:40:96:BF:91:D5:18:CF:31:BD:4B:40:F2:1F:F1:41:A9
Certificate issuer: /CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Certificate serial: 0196D37155C0A4D68690D43BD05624CE8EA3
Authority key identifier: B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/PeV6VECWv5HVGM8xvUtA8h_xQak.roa
Signing time: Thu 15 May 2025 10:15:42 +0000
ROA not before: Thu 15 May 2025 10:15:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53667
IP address blocks: 65.111.0.0/19 maxlen: 19
104.207.32.0/19 maxlen: 19
Validation: Failed, certificate revoked on Thu 05 Jun 2025 16:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d3:71:55:c0:a4:d6:86:90:d4:3b:d0:56:24:ce:8e:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Validity
Not Before: May 15 10:15:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3de57a544096bf91d518cf31bd4b40f21ff141a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:e4:db:6b:2f:1d:99:53:89:74:b4:4b:cf:0d:
b2:e6:ab:07:17:3b:15:8b:a0:ea:7b:f1:23:6e:22:
cf:3e:f6:ca:31:5c:5a:ee:c0:ae:e2:99:5a:33:3f:
fd:53:8a:24:c7:d2:9c:18:18:13:df:7e:a2:be:00:
8c:d1:b8:ed:b3:d1:77:c1:01:f8:7f:9b:e5:5e:ef:
0a:20:fd:86:36:48:cb:a9:2e:d2:5f:80:2e:51:ec:
ed:18:0e:f7:2b:d4:94:74:8d:89:e0:87:38:e6:88:
2e:b0:94:9e:26:78:af:19:b4:79:84:9c:1f:a2:d1:
6e:95:1f:c9:4c:73:ed:b5:32:f4:bc:a0:d8:bf:32:
5a:f9:66:9d:35:fa:40:de:09:7a:12:cf:d1:05:86:
24:3a:72:11:27:5d:92:13:39:e5:a8:53:d0:20:bf:
28:d7:2e:26:36:b2:21:69:17:ea:a8:5d:ee:e0:e3:
6e:22:a2:0d:9d:56:4a:7e:2f:70:67:61:54:52:bc:
1a:28:e4:32:bb:6c:c2:3a:bf:73:2e:48:d6:de:be:
6c:50:ba:a4:68:b7:65:f8:cd:69:f1:93:2f:b0:da:
5d:a3:2d:6c:e7:d8:be:65:a0:7c:1b:07:1f:dd:7c:
9e:d7:f3:6f:04:94:0c:5d:11:8a:2a:59:32:02:b5:
ae:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:E5:7A:54:40:96:BF:91:D5:18:CF:31:BD:4B:40:F2:1F:F1:41:A9
X509v3 Authority Key Identifier:
keyid:B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/PeV6VECWv5HVGM8xvUtA8h_xQak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.111.0.0/19
104.207.32.0/19
Signature Algorithm: sha256WithRSAEncryption
25:cd:d0:80:4f:59:44:34:a8:19:82:84:73:fc:d9:59:14:51:
0c:81:f9:9d:94:7f:7d:7d:79:68:55:4c:18:59:58:b8:c5:dd:
be:34:84:01:b5:7f:da:0f:33:ef:bb:7a:f6:90:24:a9:ec:38:
75:60:c2:a9:9c:71:67:ab:03:57:98:75:f5:e6:d1:a6:3f:58:
fe:e2:08:0d:3c:db:2d:e2:37:4e:fe:f1:f0:21:a1:a1:4b:a1:
64:8a:c1:20:64:1b:46:92:53:be:fd:5c:96:1b:a5:76:a7:ee:
02:92:23:9f:81:df:1c:04:04:4a:8e:6e:5f:fc:6a:01:bb:d1:
2a:36:1e:51:20:39:d6:4c:46:c6:d6:be:b1:df:35:bc:7e:3f:
49:36:3c:fa:be:90:1f:81:27:41:a9:f8:69:5c:76:4b:c6:dc:
7d:3a:80:2c:2c:b9:a4:79:43:d7:c5:a0:37:16:e4:68:d2:85:
d5:99:de:9d:4e:aa:cb:ab:14:97:86:2c:28:87:d8:e4:57:4b:
08:26:12:11:d6:59:50:b3:5a:49:6d:5d:31:04:1b:36:ea:b1:
ff:f7:f6:4d:70:99:6c:c0:14:2b:f7:1f:12:05:da:80:ea:e1:
20:8b:64:c2:4c:3c:47:fb:9c:90:65:20:7d:db:d8:31:04:53:
e4:d1:b6:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZbTcVXApNaGkNQ70FYkzo6jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDRjYzBlMDM4ZWIwZTY5N2VjNmU3YWU0OWQwMjg2MTQ2
ZTBjMWEwHhcNMjUwNTE1MTAxNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGU1N2E1NDQwOTZiZjkxZDUxOGNmMzFiZDRiNDBmMjFmZjE0MWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6OTbay8dmVOJdLRLzw2y5qsHFzsV
i6Dqe/EjbiLPPvbKMVxa7sCu4plaMz/9U4okx9KcGBgT336ivgCM0bjts9F3wQH4
f5vlXu8KIP2GNkjLqS7SX4AuUeztGA73K9SUdI2J4Ic45ogusJSeJnivGbR5hJwf
otFulR/JTHPttTL0vKDYvzJa+WadNfpA3gl6Es/RBYYkOnIRJ12SEznlqFPQIL8o
1y4mNrIhaRfqqF3u4ONuIqINnVZKfi9wZ2FUUrwaKOQyu2zCOr9zLkjW3r5sULqk
aLdl+M1p8ZMvsNpdoy1s59i+ZaB8Gwcf3Xye1/NvBJQMXRGKKlkyArWuywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD3lelRAlr+R1RjPMb1LQPIf8UGpMB8GA1UdIwQY
MBaAFLQEzA4DjrDml+xueuSdAoYUbgwaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1Yjkt
ODZhMmYwNjdiNGU4LzEvUGVWNlZFQ1d2NUhWR004eHZVdEE4aF94UWFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1YjktODZhMmYwNjdiNGU4
LzEvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFQW8AAwQF
aM8gMA0GCSqGSIb3DQEBCwUAA4IBAQAlzdCAT1lENKgZgoRz/NlZFFEMgfmdlH99
fXloVUwYWVi4xd2+NIQBtX/aDzPvu3r2kCSp7Dh1YMKpnHFnqwNXmHX15tGmP1j+
4ggNPNst4jdO/vHwIaGhS6FkisEgZBtGklO+/VyWG6V2p+4CkiOfgd8cBARKjm5f
/GoBu9EqNh5RIDnWTEbG1r6x3zW8fj9JNjz6vpAfgSdBqfhpXHZLxtx9OoAsLLmk
eUPXxaA3FuRo0oXVmd6dTqrLqxSXhiwoh9jkV0sIJhIR1llQs1pJbV0xBBs26rH/
9/ZNcJlswBQr9x8SBdqA6uEgi2TCTDxH+5yQZSB929gxBFPk0baA
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:35:43 2025 by rpki-client